[ubuntu/artful-proposed] spice 0.12.8-2.1 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Wed May 3 17:44:40 UTC 2017
spice (0.12.8-2.1) unstable; urgency=medium
* Non-maintainer upload.
* Add CVE-2016-9577-and-CVE-2016-9578.patch:
- CVE-2016-9577: A buffer overflow vulnerability in
main_channel_alloc_msg_rcv_buf was found that occurs when reading large
messages due to missing buffer size check.
- CVE-2016-9578: A vulnerability was discovered in the server's
protocol handling. An attacker able to connect to the spice server could
send crafted messages which would cause the process to crash.
(Closes: #854336)
Date: 2017-02-16 04:20:39.516657+00:00
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/spice/0.12.8-2.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Artful-changes
mailing list